Criminals are shifting away from the mass sending of spam messages towards more targeted attacks. This new development was one of the conclusions drawn by the "2011 State of Security Survey" released by Symantec earlier this month. The survey involves contacting a total of 3,000 businesses spread across a variety of industries and polling respondents responsible for computing resources in the company.
When quizzed about the most critical threats, close to half of all respondents consider targeted attacks among the top three sources of security threat. The change was attributed to a couple of factors, one of which was success by law enforcement and the involvement of industry forces such as Microsoft to shut down sources of spam such as major botnets.
While this is good news, the other reason for the change in trend is somewhat more nefarious: the availability of stealthier malware, as well as a change of strategy by cyber criminals. The change in strategy involves targeting stealthy malware specifically at high-value targets, leveraging them to perform more insidious attacks that move beyond the mere stealing of bank accounts. As reported on eWeek, personal information is siphoned off and sold on underground markets - for greater potential profits than that generated by spamming.
Ultimately, the Symantec report exhorted organizations to develop and enforce IT policies in order to better protect themselves against external threats. The recommendations given by Symantec are hardly new, though are worth repeating due to their timeless nature.
I reproduce some of them here with my comments:
Finally, IT administers were also urged to protect the infrastructure by securing all endpoints, which includes mobile devices, messaging and Web environments. Administrators who want to read the full "2011 State of Security Survey" can download it from here (pdf).